Logging of client commands, possible?
RGiersig at a1.net
RGiersig at a1.net
Thu Mar 14 01:38:39 EST 2002
> > Apart from that, SSHs job is to secure communication *between*
> > hosts, not what is going on inside.
>
> Yes, you are right.
>
> And because SSH does not care about what's going on inside it does
> not snoop ttys. On Unix, tools should do _one_ thing and do it
> well, not 1000 things is a very mediocre way.
I'll word that differently in that I'd say "tools should solve *one*
problem". SSH does a *lot* of very different things, forwarding X
displays, propagating tty settings and signals, to name a few.
You are right, I could write a tty snooping app that interposes itself
between SSH and a shell, but this app would have to deal with tty and
signal forwarding, just as SSH, so I would steal the work already done
in SSH, strip out the network part and put in logging instead.
Probably 80% of the code would be shared with SSH. So why not
inserting the logging into SSH in the first place? Makes sense?
Roland
--
RGiersig at cpan.org
More information about the openssh-unix-dev
mailing list